npm - hackmyagent-core - Versions diffs - 0.2.3 → 0.3.1 - Mend

hackmyagent-core 0.2.3 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

package/README.md +116 -0
package/dist/attack/attack.test.d.ts +5 -0
package/dist/attack/attack.test.d.ts.map +1 -0
package/dist/attack/attack.test.js +292 -0
package/dist/attack/attack.test.js.map +1 -0
package/dist/attack/index.d.ts +8 -0
package/dist/attack/index.d.ts.map +1 -0
package/dist/attack/index.js +24 -0
package/dist/attack/index.js.map +1 -0
package/dist/attack/payloads/capability-abuse.d.ts +8 -0
package/dist/attack/payloads/capability-abuse.d.ts.map +1 -0
package/dist/attack/payloads/capability-abuse.js +199 -0
package/dist/attack/payloads/capability-abuse.js.map +1 -0
package/dist/attack/payloads/context-manipulation.d.ts +8 -0
package/dist/attack/payloads/context-manipulation.d.ts.map +1 -0
package/dist/attack/payloads/context-manipulation.js +194 -0
package/dist/attack/payloads/context-manipulation.js.map +1 -0
package/dist/attack/payloads/data-exfiltration.d.ts +8 -0
package/dist/attack/payloads/data-exfiltration.d.ts.map +1 -0
package/dist/attack/payloads/data-exfiltration.js +222 -0
package/dist/attack/payloads/data-exfiltration.js.map +1 -0
package/dist/attack/payloads/index.d.ts +27 -0
package/dist/attack/payloads/index.d.ts.map +1 -0
package/dist/attack/payloads/index.js +68 -0
package/dist/attack/payloads/index.js.map +1 -0
package/dist/attack/payloads/jailbreak.d.ts +8 -0
package/dist/attack/payloads/jailbreak.d.ts.map +1 -0
package/dist/attack/payloads/jailbreak.js +236 -0
package/dist/attack/payloads/jailbreak.js.map +1 -0
package/dist/attack/payloads/prompt-injection.d.ts +8 -0
package/dist/attack/payloads/prompt-injection.d.ts.map +1 -0
package/dist/attack/payloads/prompt-injection.js +235 -0
package/dist/attack/payloads/prompt-injection.js.map +1 -0
package/dist/attack/scanner.d.ts +59 -0
package/dist/attack/scanner.d.ts.map +1 -0
package/dist/attack/scanner.js +312 -0
package/dist/attack/scanner.js.map +1 -0
package/dist/attack/types.d.ts +128 -0
package/dist/attack/types.d.ts.map +1 -0
package/dist/attack/types.js +36 -0
package/dist/attack/types.js.map +1 -0
package/dist/benchmarks/index.d.ts +16 -0
package/dist/benchmarks/index.d.ts.map +1 -0
package/dist/benchmarks/index.js +27 -0
package/dist/benchmarks/index.js.map +1 -0
package/dist/benchmarks/oasb-1.d.ts +95 -0
package/dist/benchmarks/oasb-1.d.ts.map +1 -0
package/dist/benchmarks/oasb-1.js +623 -0
package/dist/benchmarks/oasb-1.js.map +1 -0
package/dist/hardening/scanner.d.ts.map +1 -1
package/dist/hardening/scanner.js +1 -0
package/dist/hardening/scanner.js.map +1 -1
package/dist/hardening/security-check.d.ts +3 -0
package/dist/hardening/security-check.d.ts.map +1 -1
package/dist/index.d.ts +6 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +24 -2
package/dist/index.js.map +1 -1
package/package.json +1 -1

package/dist/benchmarks/oasb-1.d.ts ADDED Viewed

@@ -0,0 +1,95 @@
+/**
+ * OASB-1: AI Agent Security Benchmark
+ * Version 1.0.0
+ *
+ * Maps OASB-1 controls to HackMyAgent check IDs
+ */
+export type BenchmarkLevel = 'L1' | 'L2' | 'L3';
+export interface BenchmarkControl {
+    id: string;
+    name: string;
+    category: string;
+    level: BenchmarkLevel;
+    scored: boolean;
+    description: string;
+    /** HackMyAgent check IDs that verify this control */
+    checkIds: string[];
+    /** Control is automated (🤖), manual (👤), or forward-looking (🔮) */
+    verification: 'automated' | 'manual' | 'forward';
+    /** Remediation guidance for this control */
+    remediation?: string;
+    /** URL to detailed documentation */
+    helpUrl?: string;
+}
+export interface BenchmarkCategory {
+    id: number;
+    name: string;
+    description: string;
+    controls: BenchmarkControl[];
+}
+export interface BenchmarkResult {
+    benchmark: string;
+    version: string;
+    level: BenchmarkLevel;
+    timestamp: Date;
+    /** Overall compliance percentage */
+    compliance: number;
+    /** L1 compliance percentage */
+    l1Compliance: number;
+    /** L2 compliance percentage (includes L1) */
+    l2Compliance: number;
+    /** L3 compliance percentage (includes L1+L2) */
+    l3Compliance: number;
+    /** Rating based on compliance */
+    rating: 'Certified' | 'Compliant' | 'Passing' | 'Needs Improvement' | 'Failing';
+    categories: BenchmarkCategoryResult[];
+    /** Total controls checked */
+    totalControls: number;
+    /** Controls that passed */
+    passedControls: number;
+    /** Controls that failed */
+    failedControls: number;
+    /** Controls that couldn't be verified (forward/manual) */
+    unverifiedControls: number;
+}
+export interface BenchmarkCategoryResult {
+    category: string;
+    compliance: number;
+    passed: number;
+    failed: number;
+    unverified: number;
+    controls: BenchmarkControlResult[];
+}
+export interface BenchmarkControlResult {
+    controlId: string;
+    name: string;
+    level: BenchmarkLevel;
+    status: 'passed' | 'failed' | 'unverified';
+    /** Findings that relate to this control */
+    findings: string[];
+    /** Fix instructions if failed */
+    remediation?: string;
+}
+/**
+ * OASB-1 Benchmark Definition
+ */
+export declare const OASB_1_CATEGORIES: BenchmarkCategory[];
+/**
+ * Get all controls for a specific level (includes lower levels)
+ */
+export declare function getControlsForLevel(level: BenchmarkLevel): BenchmarkControl[];
+/**
+ * Get all controls for a specific category
+ */
+export declare function getControlsForCategory(categoryName: string): BenchmarkControl[];
+/**
+ * Get all check IDs that map to OASB-1 controls for a given level
+ */
+export declare function getCheckIdsForLevel(level: BenchmarkLevel): string[];
+/**
+ * Calculate compliance rating based on percentages
+ */
+export declare function calculateRating(l1Compliance: number, l2Compliance: number, l3Compliance: number, level: BenchmarkLevel): BenchmarkResult['rating'];
+export declare const OASB_1_VERSION = "1.0.0";
+export declare const OASB_1_NAME = "OASB-1: AI Agent Security Benchmark";
+//# sourceMappingURL=oasb-1.d.ts.map

package/dist/benchmarks/oasb-1.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"oasb-1.d.ts","sourceRoot":"","sources":["../../src/benchmarks/oasb-1.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,MAAM,cAAc,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;AAEhD,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,cAAc,CAAC;IACtB,MAAM,EAAE,OAAO,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,qDAAqD;IACrD,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,sEAAsE;IACtE,YAAY,EAAE,WAAW,GAAG,QAAQ,GAAG,SAAS,CAAC;IACjD,4CAA4C;IAC5C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,oCAAoC;IACpC,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,gBAAgB,EAAE,CAAC;CAC9B;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,cAAc,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,oCAAoC;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,+BAA+B;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,6CAA6C;IAC7C,YAAY,EAAE,MAAM,CAAC;IACrB,gDAAgD;IAChD,YAAY,EAAE,MAAM,CAAC;IACrB,iCAAiC;IACjC,MAAM,EAAE,WAAW,GAAG,WAAW,GAAG,SAAS,GAAG,mBAAmB,GAAG,SAAS,CAAC;IAChF,UAAU,EAAE,uBAAuB,EAAE,CAAC;IACtC,6BAA6B;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,2BAA2B;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,2BAA2B;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,0DAA0D;IAC1D,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,sBAAsB,EAAE,CAAC;CACpC;AAED,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,cAAc,CAAC;IACtB,MAAM,EAAE,QAAQ,GAAG,QAAQ,GAAG,YAAY,CAAC;IAC3C,2CAA2C;IAC3C,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,iBAAiB,EA6hBhD,CAAC;AAEF;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,cAAc,GAAG,gBAAgB,EAAE,CAO7E;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,gBAAgB,EAAE,CAK/E;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,cAAc,GAAG,MAAM,EAAE,CASnE;AAED;;GAEG;AACH,wBAAgB,eAAe,CAC7B,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,cAAc,GACpB,eAAe,CAAC,QAAQ,CAAC,CAsB3B;AAED,eAAO,MAAM,cAAc,UAAU,CAAC;AACtC,eAAO,MAAM,WAAW,wCAAwC,CAAC"}